THE OFFICE OF THE PRIVACY COMMISSIONER
Spacer GifHOME > Media and Speeches > Media Release: Amend Privacy Act to address security breaches, biometrics and data-matching, says Privacy Commissioner Spacer Gif Spacer Gif Spacer Gif Spacer Gif
Spacer Gif
Spacer Gif Media and Speeches
Spacer Gif Bullet Media Releases
Spacer Gif Bullet Speeches
Spacer Gif Bullet Privacy Awareness Week
Spacer Gif Bullet Privacy Matters Newsletter
Spacer Gif SPECIFIC PRIVACY
INFORMATION FOR:
Spacer Gif > Individuals
Spacer Gif > Business
Spacer Gif > Health
Spacer Gif > Government
Horizontal Rule
Spacer Gif > Federal Privacy Law
Spacer Gif > About the Office
Spacer Gif > Frequently Asked Questions
Spacer Gif > IT and Internet Issues
Spacer Gif > Media and Speeches
Spacer Gif > Publications
Spacer Gif > Privacy Links
Spacer Gif > International
Spacer Gif > Contact us

Spacer Gif

Media Release: Amend Privacy Act to address security breaches, biometrics and data-matching, says Privacy Commissioner

View printable version of this page

8 March 2007

While noting that the Privacy Act has generally worked well, the Privacy Commissioner, Karen Curtis, has recommended to the Australian Law Reform Commission (ALRC) that changes to the Privacy Act may be necessary to reflect technological developments.

"New technologies can offer immense benefits but we need strong protections in place to ensure that these benefits can be enjoyed while not unnecessarily impacting on individual privacy rights," Ms Curtis said.

In her 474-page submission to the ALRC's Review of Privacy, Ms Curtis identified a range of issues to address in areas as diverse as health, technology and telecommunications.

Some of the key technology-related proposals in the submission include:

  • Technology neutrality

    The Privacy Act should remain technology neutral to allow for sufficient regulatory flexibility to accommodate technological change.

  • Security breaches

    Organisations should be required to notify customers of a security breach that has made their personal information vulnerable in certain circumstances. This would provide a strong market incentive to organisations to adequately secure databases to increase consumer trust and avoid potential brand damage and negative publicity.

  • Biometrics

    Biometric information should be classified as sensitive information under the Privacy Act to ensure that it is afforded a higher level of privacy protection than other forms of personal information.

    In addition, all organisations - including small businesses that are generally exempt under the Privacy Act - that handle biometric information should be covered by the Act when handling the information.

  • Data-matching

    Owing to the risks posed by data-matching, the voluntary public sector data-matching guidelines should be reviewed and made mandatory. 

Aside from these proposals, Ms Curtis also called for a multi-faceted approach to the protection of privacy in the context of developing technologies.

"User education, the adoption of anti-spyware and international agreements between jurisdictions are additional steps in ensuring that technological developments do not encroach on people's privacy," she said. 

For further information see www.privacy.gov.au/publications/alrc280207.html

For media comment, contact 0407 663 968.
Spacer Gif> Privacy Policy Spacer Gif> Copyright Spacer Gif> Site map Spacer Gif> Join Email List Spacer Gif> Glossary Spacer Gif> Calendar Spacer Gif> Newsletter